A number of instances have occurred where a cardholder may wish to make a purchase with their communication device or initiate some other type of e-commerce transaction from their communication device. However, these types of purchases/transactions inherently carry a high risk because the cardholder does not use their physical payment card to complete the purchase/transaction. As such, many card issuers or merchants may wish to have an extra level of security to verify the identity of the cardholder wishing to complete the purchase/transaction with their communication device. Current solutions have attempted to use voice authentication to verify the identity of the cardholder. However, these solutions are vulnerable to replay attacks because the user's voice could easily be recorded and replayed by fraudsters.
Embodiments of the invention address this and other problems, both individually and collectively.